Fix DH key generation.
authorBen Laurie <ben@openssl.org>
Thu, 7 Jan 1999 00:37:01 +0000 (00:37 +0000)
committerBen Laurie <ben@openssl.org>
Thu, 7 Jan 1999 00:37:01 +0000 (00:37 +0000)
Contributed by: Anonymous <nobody@replay.com>

CHANGES
ssl/s3_srvr.c

diff --git a/CHANGES b/CHANGES
index 2a8877a..882b247 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,10 @@
 
  Changes between 0.9.1c and 0.9.2
 
+  *) If a DH key is generated in s3_srvr.c, don't blow it by trying to use
+     NULL pointers.
+     [Anonymous <nobody@replay.com>]
+
   *) s_server should send the CAfile as acceptable CAs, not its own cert.
      [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
 
index 4e856b3..09041b2 100644 (file)
@@ -953,13 +953,16 @@ SSL *s;
                                }
 
                        s->s3->tmp.dh=dh;
-                       if (((dhp->pub_key == NULL) ||
-                            (dhp->priv_key == NULL) ||
-                            (s->options & SSL_OP_SINGLE_DH_USE)) &&
-                           (!DH_generate_key(dh)))
+                       if ((dhp->pub_key == NULL ||
+                            dhp->priv_key == NULL ||
+                            (s->options & SSL_OP_SINGLE_DH_USE)))
                                {
-                               SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
-                               goto err;
+                               if(!DH_generate_key(dh))
+                                   {
+                                   SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                                          ERR_R_DH_LIB);
+                                   goto err;
+                                   }
                                }
                        else
                                {